CVE-2026-27908 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability

...

CVE-2026-27915 Windows UPnP Device Host Elevation of Privilege Vulnerability

...

EUVD-2025-209437

A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...

April 14, 2026-KB5082418 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2

April 14, 2026-KB5082418 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Microsoft server operating system, version 23H2 Release Date: April 14, 2026 Version: .NET Framework 3.5 and 4.8.1 The April 14, 2026 update for Microsoft server operating system, version 23H2 includes security and...

April 14, 2026-KB5082417 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 25H2 and Microsoft server operating system 24H2

April 14, 2026-KB5082417 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 25H2 and Microsoft server operating system 24H2 Release Date: April 14, 2026 Version: .NET Framework 3.5 and 4.8.1 The April 14, 2026 update for Windows 11, version 25H2 and Microsoft server...

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally...

CVE-2025-7389 Unauthorized Arbitrary File Read via RMI in AdminServer Interface

A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users the ability to read...

darksword-Exploit

🗡️ DarkSword — iOS Full-Chain Exploit Analysis Reference:...

CVE-2026-33793

An Execution with Unnecessary Privileges vulnerability in the User Interface UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python op scripts is present o...

CVE-2026-27675 Code Injection vulnerability in SAP Landscape Transformation

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or...

CVE-2026-27675 Code Injection vulnerability in SAP Landscape Transformation

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or...

CVE-2026-27675

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or...

EUVD-2026-22147

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or...

EUVD-2026-22144

Due to a missing authorization check, SAP S/4HANA Private Cloud and On-Premise allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the...

CVE-2026-27673

Due to a missing authorization check, SAP S/4HANA Private Cloud and On-Premise allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the...

CVE-2026-27673

CVE-2026-27673 describes a missing authorization check in SAP S/4HANA (Private Cloud and On-Premise) that allows an authenticated user to delete files on the operating system and perform unauthorized file operations. The underlying impact reported is: Confidentiality – None, Integrity – Low, Avai...

Microsoft Windows 安全漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There are security vulnerabilities in Microsoft Windows Universal Plug and Play UPnP Device Host. Attackers can exploit these vulnerabilities to gain higher privileges. The following products and...

KLA90986 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, cause denial of service, spoof user interface, execute arbitrary code, read local files. Below is a complete...

SAP S/4HANA 安全漏洞

SAP S/4HANA is a enterprise resource management software developed by SAP, a German company, based on the SAP HANA memory database system. There is a security vulnerability in SAP S/4HANA, which stems from the lack of authorization checks. This vulnerability may lead to the deletion of operating...

Microsoft Windows 资源管理错误漏洞

Microsoft Windows is an operating system used by personal devices by the American company Microsoft. There is a resource management vulnerability in Microsoft Windows Universal Plug and Play UPnP Device Host. Attackers can exploit this vulnerability to obtain sensitive information. The following...